cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1547
Views
0
Helpful
8
Replies

CSM to update IPS sensors

leo_zidane
Level 1
Level 1

I have a CSM 3.1. I wanted to update my IPS AIP-SSM 10 using CSM.

How does CSM do the updating will it update the sensors incrememtatly?

Cause if my sensor is on a older version will CSM just update it to the latest without regards whether it is able to support?

Do i need to do a rediscover of device via the live device option to make sure CSM is in syn with the IPS?

How to revert if an rediscovery is applied?

8 Replies 8

vkapoor5
Level 5
Level 5

Click on the Tools menu and Select Apply IPS Update to install the latest IPS signatures.

Select the Latest Signature file and Click "Next

Select the devices on which the IPS update has to be applied and click Next.

For further information click this link.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd8066d280.html

I am unable to download updates using CSM. I have opened firewall for outgoing ports and indicate my proxy server. What is the problem now?

The error is

-->Unable to communicate with locator service to retrieve available files.

Just to bump this thread back up again I now have the same problem

digisridhar
Level 1
Level 1

CSM Needs a valid CCO Login ID under which the IPS device/Serial is added for Signature updates. If it is not the case then u can run into such errors.

Thats the problem it has got the correct details - they are what I used to download the patches manually.

Are there any log files on the system which will show me what is happenning when it tried to download the files?

Thanks

Giles

Hi,

Has anyone fold a solution to this problem as I have it also and it is driving me a little nuts!

Mark

just done a bit more digging....

there is a file in the following directory

c:\program files\cscopx\mdc\ips\etc

called sensorupdate.properties.

In this file is the following entry

# URL for signature download

sigIdLink:http://tools.cisco.com/security/center/prsc/viewSignature.x?

Can someone tell me if this is where the downloads should be retrieved from. I tried accessing the URL from the server but it wouldn't work. However the server itself can download the update files manually using the same login details as the program.

Thanks in advance

Giles

Hi everybody.

I still have the same problem with CSM 4.3 SP1.

As bgl-group pointed out there are some url's in the cscopx\mdc\ip\etc\sensorupdate.properties files.

"

# URL for signature download

sigIdLink:http://tools.cisco.com/security/center/prsc/viewSignature.x?

# URL for CCO Locator. Refer CSCsz13376 for details.

# CSCth05675 : Chnaged the URL to SPRIT

# In order to test the payload re-direction please enter the URL in the same property

ccoLocatorURL:https://www.cisco.com/cgi-bin/front.x/ida/locator/locator.pl

# Retry count for CCO download

# If the CSM is not able to contact CCO due to server side issues or due to invalid response sent from CCO

# CSM will retry with the no of times as the value of the count metnioned below(with in time interval being the random time from 5-15 minutes)

# By default the retry count value is 3

filelistRetryCount:3

"

Did anyone have the chance of verify woking properties?  Ours are still default, but we constantly have problems with the updates (the used cco-account does have permissions to downoad ips signatures)

Thanx in advance

Jarle

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: